Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Antivirus's not installing


  • Please log in to reply
5 replies to this topic

#1 Litre

Litre

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:16 AM

Posted 08 December 2011 - 01:31 PM

I've tried all of these antiviruses, and they come up with an error, except Bitdefender which tells me that the services stopped functioning.

I've come to the conclusion that this is probably caused by a virus, sorry if this is in the wrong section, didn't know which section to post this in.

Can anyone help me?

I'm running Windows 7 Build 7601 SP1. If there's anything else you need, ask. I will post it.

Edited by Litre, 08 December 2011 - 01:36 PM.


BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:16 AM

Posted 08 December 2011 - 07:20 PM

What other anti-malware programs do you have installed?

Have you tried using trustworthy security tools like:
Have you tried performing an Online Virus Scan?

.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 Litre

Litre
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:16 AM

Posted 08 December 2011 - 09:01 PM

I have installed Malwarebytes, and I did a full scan. It found around 50 threats, and I removed them all. But AVG still isn't installing though.

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:16 AM

Posted 08 December 2011 - 09:40 PM

Please post the complete results of your last MBAM scan for review (even if nothing was found).

To retrieve the Malwarebytes Anti-Malware scan log information, launch MBAM.
  • Click the Logs Tab at the top.
  • The log will be named by the date of scan in the following format: mbam-log-date(time).txt
    -- If you have previously used MBAM, there may be several logs showing in the list.
  • Click on the log name to highlight it.
  • Go to the bottom and click on Open.
  • The log should automatically open in notepad as a text file.
  • Go to Edit and choose Select all.
  • Go back to Edit and choose Copy or right-click on the highlighted text and choose Copy from there.
  • Come back to this thread, click Add Reply, then right-click and choose Paste.
  • Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
Logs are saved to the following locations:
-- XP: C:\Documents and Settings\<Username>\Application Data\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd
-- Vista, Windows 7, 2008: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd



Please perform a scan with Eset Online Anti-virus Scanner.
  • If using Mozilla Firefox, you will be prompted to download and use the ESET Smart Installer. Just double-click on esetsmartinstaller_enu.exe to install.
  • Vista/Windows 7 users need to run Internet Explorer/Firefox as Administrator. To do this, right-click on the IE icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run As Administrator from the context menu.
  • Click the green Posted Image button.
  • Read the End User License Agreement and check the box:
  • Check Posted Image.
  • Click the Posted Image button.
  • Accept any security warnings from your browser and allow the download/installation of any require files.
  • Under scan settings, check Posted Image and make sure that the option Remove found threats is NOT checked.
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click the Start button.
  • ESET will install itself, download virus signature database updates, and begin scanning your computer.
  • The scan will take a while so be patient and do NOT use the computer while the scan is running. Keep all other programs and windows closed.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop as ESETScan.txt.
  • Push the Posted Image button, then Finish.
  • Copy and paste the contents of ESETScan.txt in your next reply. If no threats are found, there is no option to create a log.

.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 Litre

Litre
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:16 AM

Posted 09 December 2011 - 06:48 AM

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7622

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

12/4/2011 10:13:01 PM
mbam-log-2011-12-04 (22-13-01).txt

Scan type: Full scan (C:\|)
Objects scanned: 563327
Time elapsed: 1 hour(s), 32 minute(s), 52 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 53

Memory Processes Infected:
c:\Windows\kmservice.exe (RiskWare.Tool.CK) -> 1664 -> Unloaded process successfully.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\Software\DC3_FEXEC (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
c:\program files (x86)\POL (PUP.ArdamaxKeyLogger) -> Quarantined and deleted successfully.

Files Infected:
c:\Windows\kmservice.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
c:\Users\administrator\downloads\project neptune\project neptune\project neptune v1.32.exe (PUP.Keylogger) -> Quarantined and deleted successfully.
c:\english music\call_of_duty_4_crackfix_and_keygen-razor1911\rzr-cd4f\rzr-cod4.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
c:\framework\msf3\data\templates\template_x86_windows.exe (Trojan.Swrort) -> Quarantined and deleted successfully.
c:\framework\msf3\data\templates\.svn\text-base\template_x86_windows.exe.svn-base (Trojan.Swrort) -> Quarantined and deleted successfully.
c:\Administrator\windows 7 activator\windows7activator.exe (Riskware.Tool.CK) -> Quarantined and deleted successfully.
c:\program files (x86)\Cain\Abel.exe (HackTool.Cain) -> Quarantined and deleted successfully.
c:\program files (x86)\Cain\Abel64.exe (HackTool.Cain) -> Quarantined and deleted successfully.
c:\program files (x86)\Cain\Cain.exe (PUP.Passwordtool.Cain) -> Quarantined and deleted successfully.
c:\Sandbox\administrator\defaultbox\user\current\AppData\Local\Temp\operapassview.exe (PUP.OperaPasswordTool) -> Quarantined and deleted successfully.
c:\Users\administrator\Desktop\pzn-nsft\pzn-nfst.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
c:\Users\administrator\documents\downloads\compressed\hash\3.0.9\natives images files\bb.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\administrator\documents\downloads\compressed\hash\3.0.9\natives images files\cc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\administrator\documents\downloads\compressed\ownz crypter v3.0.9\natives images files\aa.exe (Backdoor.Agent.Gen) -> Quarantined and deleted successfully.
c:\Users\administrator\documents\downloads\compressed\ownz crypter v3.0.9\natives images files\bb.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\administrator\documents\downloads\compressed\ownz crypter v3.0.9\natives images files\cc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\administrator\documents\downloads\compressed\ownz crypter v3.0.9\natives images files\dd.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\administrator\documents\downloads\compressed\predator 4.x.x software private version cracked + working source\predator pain logger 4.1.x - cracked.exe (Malware.Generic) -> Quarantined and deleted successfully.
c:\Users\administrator\documents\downloads\compressed\predator 4.x.x software private version cracked + working source_2\predator pain logger 4.1.x - cracked.exe (Malware.Generic) -> Quarantined and deleted successfully.
c:\Users\administrator\documents\downloads\compressed\usb password steal\usb password steal\iepv.exe (PUP.PSW.Passview) -> Quarantined and deleted successfully.
c:\Users\administrator\documents\downloads\compressed\usb password steal\usb password steal\mailpv.exe (PUP.MailPassView) -> Quarantined and deleted successfully.
c:\Users\administrator\documents\downloads\compressed\usb password steal\usb password steal\mspass.exe (PUP.PSW.MessenPass) -> Quarantined and deleted successfully.
c:\Users\administrator\documents\downloads\compressed\usb password steal\usb password steal\ProduKey.exe (PUP.PSWTool.ProductKey) -> Quarantined and deleted successfully.
c:\Users\administrator\documents\downloads\compressed\usb password steal\usb password steal\wirelesskeyview.exe (PUP.WirelessKeyView) -> Quarantined and deleted successfully.
c:\Users\administrator\documents\downloads\compressed\vnc_scanner_gui\vnc_scanner_gui.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\administrator\documents\downloads\compressed\wpepro09mod\wpe pro - modified.exe (HackTool.Sniffer.WpePro) -> Quarantined and deleted successfully.
c:\Users\administrator\documents\downloads\compressed\wpepro09mod\WpeSpy.dll (HackTool.Sniffer.WpePro) -> Quarantined and deleted successfully.
c:\Users\administrator\documents\downloads\Programs\proxychecker-1.0.0.28.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\administrator\documents\downloads\Programs\smileycentralpfsetup2.3.78.2.nosa.nohp.znfox000.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Users\administrator\documents\downloads\Programs\windows3.exe (Backdoor.Fynloski) -> Quarantined and deleted successfully.
c:\Users\administrator\documents\downloads\Programs\windowsapplication2.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\administrator\downloads\easyauths.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\administrator\downloads\4.4\4.4\Update.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\administrator\downloads\4.4\4.4\Crypters\res1.exe (Backdoor.Agent.H) -> Quarantined and deleted successfully.
c:\Users\administrator\downloads\4.4\4.4\data\station.bin (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\administrator\downloads\4.4\4.4\data\stub.bin (Spyware.Passwords) -> Quarantined and deleted successfully.
c:\Users\administrator\downloads\idm internet download manager 6.05 build 7 final + keygen and patch\internet download manager 6.05 build 7 final\internet download manager 6.05 build 7 final\PATCH.exe (PUP.Hacktool.Patcher) -> Quarantined and deleted successfully.
c:\Users\administrator\downloads\idm internet download manager 6.05 build 7 final + keygen and patch\internet download manager 6.05 build 7 final\internet download manager 6.05 build 7 final\keygen-snd\SnDk&p.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
c:\Users\administrator\downloads\internet.download.manager.v6.07.final.build.12.incl.keygen.and.patch-snd\SND\SnDk&p.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
c:\Users\administrator\downloads\kms activator for microsoft office 2010 applications x86 x64 multilingual-fixiso~dibya\mini-kms_activator_v1.053.exe (PUP.Hacktool.Office) -> Quarantined and deleted successfully.
c:\Users\administrator\downloads\pin generator v1.0\pin generator v1.0.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\program files (x86)\POL\qs.html (PUP.ArdamaxKeyLogger) -> Quarantined and deleted successfully.
c:\Users\administrator\downloads\project neptune v1.4\project neptune\project neptune v1.4.exe (PUP.Keylogger) -> Quarantined and deleted successfully.
c:\Users\administrator\downloads\project neptune(2)\project neptune\project neptune v1.45.exe (PUP.Keylogger) -> Quarantined and deleted successfully.
c:\Users\administrator\downloads\yoyopingen\yoyopingen\ieproxy.dll (Spyware.Passwords.Gen) -> Quarantined and deleted successfully.
c:\Users\administrator\AppData\Roaming\data.dat (Stolen.Data) -> Quarantined and deleted successfully.
c:\Users\administrator\AppData\Roaming\logs.dat (Bifrose.Trace) -> Quarantined and deleted successfully.
c:\Users\Public\winupdate.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
c:\Users\administrator\templates\cdkeys.txt (Stolen.Data) -> Quarantined and deleted successfully.
c:\program files (x86)\POL\POL.chm (PUP.ArdamaxKeyLogger) -> Quarantined and deleted successfully.
c:\program files (x86)\POL\tray.gif (PUP.ArdamaxKeyLogger) -> Quarantined and deleted successfully.
c:\program files (x86)\POL\menu.gif (PUP.ArdamaxKeyLogger) -> Quarantined and deleted successfully.
c:\program files (x86)\POL\uninstall.exe (PUP.ArdamaxKeyLogger) -> Quarantined and deleted successfully.


Here you go.

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:16 AM

Posted 09 December 2011 - 07:38 AM

Did you complete the ESET scan?


Your Malwarebytes Anti-Malware log indicates you are using an outdated database version.
The database shows 7622. Last I checked it was 8335.

Please update it through the program's interface <- preferable method. If malware is blocking you from updating, then manually download the database definitions from one of the following locations (they may not be the most current as manual updates are behind in version level compared to updates from within the program) and just double-click on mbam-rules.exe to install:Then perform a new Quick Scan in normal mode and check all items found for removal. Don't forgot to reboot afterwards. Failure to reboot normally will prevent Malwarebytes from removing all the malware. When done, click the Logs tab and copy/paste the contents of the new report in your next reply.


IMPORTANT NOTE: Your scan log results indicate you are using keygens/crack tools.

The practice of using cracking tools, keygens, warez or any pirated software is not only considered illegal activity but it is a serious security risk.

Cracking applications are used for illegally breaking (cracking) various copy-protection and registration techniques used in commercial software. These programs may be distributed via Web sites, Usenet, and P2P networks.

trendmicro.com/vinfo

...warez and crack web pages are being used by cybercriminals as download sites for malware related to VIRUT and VIRUX. Searches for serial numbers, cracks, and even antivirus products like Trend Micro yield malcodes that come in the form of executables or self-extracting files...quick links in these sites also lead to malicious files. Ads and banners are also infection vectors...

Keygen and Crack Sites Distribute VIRUX and FakeAV

...warez/piracy sites ranked the highest in downloading spyware...just opening the web page usually sets off an exploit, never mind actually downloading anything. And by the time the malware is finished downloading, often the machine is trashed and rendered useless.

University of Washington spyware study

...One of the most aggressive and intrusive of all bad websites on the Internet are serial, warez, software cracking type sites...they sneak malware onto your system...Where do trojan viruses originate? One of the biggest malware distributors on the Internet are serial/warez/code cracking sites.

Bad Web Sites: Malware

When you use these kind of programs, be forewarned that some of the worst types of malware infections can be contracted and spread by visiting crack, keygen, warez and other pirated software sites. In many cases, those sites are infested with a smörgåsbord of malware and an increasing source of system infection. Those who attempt to get software for free can end up with a computer system so badly damaged that recovery is not possible and it cannot be repaired. When that happens there is nothing you can do besides reformatting and reinstalling the OS.

I strongly recommend that you remove all cracks and keygens immediately to reduce the risk of infection/reinfection. If not, then we are just wasting time trying to clean your system. Further, other tools used during the disinfection process may detect crack and keygens so they need to be removed.

Using these types of programs or the websites visited to get them is very likely how your computer got infected!!
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users